<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<!--#include file="../inc/conn.asp"-->
<!--#include file="../inc/md5.asp"-->
<!--#include file="../common/admin.asp"-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>add</title>
<link href="../css/style.css" rel="stylesheet" type="text/css"/>
</head>

<body>
<div class="main">
  <div class="main-title">密码修改</div>
  <div class="main-content"><table width="100%" border="0" cellspacing="1" cellpadding="3" class="tab">
  <form action="" method="post">
  <tr>
    <td width="29%" bgcolor="#FFFFFF">原始密码</td>
    <td width="71%" bgcolor="#FFFFFF"><input name="password" type="password" class="input" id="password" /></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">新密码</td>
    <td bgcolor="#FFFFFF"><input name="password2" type="password" class="input" id="password2" /></td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">确认新密码</td>
    <td bgcolor="#FFFFFF"><input name="password3" type="password" class="input" id="password3" /></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF"><input type="submit" name="button" id="button" value="保存" /></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
    </form>
  </table>
</div>
</div>
</body>
</html>
<%
if request("button")="保存" then

	  name=Request.Cookies("admin")("name")
	  password=request.Form("password")
	  password2=request.Form("password2")
	  password3=request.Form("password3")

	  if password2<>password3 then
	  response.write"<script>alert('两次输入新密码不一致，请重新输入');</script>"
	  response.write"<script>window.history.back(-1);</script>"
	  response.end
	  end if

      set rsx=server.createobject("adodb.recordset")
	  sql="select * from admin where name='"&name&"' and password='"&md5(name&password&name)&"'"
	  rsx.open sql,conn,1,3
	  if not rsx.eof then
		  rsx("password")=md5(name&password2&name)
	  rsx.update
	  
			Response.Cookies("admin")("name") = ""
			Response.Cookies("admin")("password") = ""
			response.cookies("admin")("menu") = ""
			response.write"<script>alert('新密码保存成功，请重新登录！');</script>"
			response.write ("<scr"+"ipt>top.location.href='../index.asp';</scr"+"ipt>") 
	
	  rsx.close
	  set rsx=nothing
	  else
		  response.write"<script>alert('原始密码错误，请重新输入');</script>"
		  response.write"<script>window.history.back(-1);</script>"
		  response.end 
	  end if
end if
%>